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Thus, when one compares Shigenaga with the "Authenticate Card Routine 300" disclosed in 
Lee, which is discussed in more detail below, it is apparent that the cited documents are 
totally different. For example: 

• Shigenaga teaches encrypting the random nimiber prior to sending to card, 
whereas in contrast to Lee which teaches sending the random number 
imencrypted; 

• Shigenaga teaches decrypting in the card IC, whereas in contrast Lee fails to 
teach decrypting in the card IC to authenticate the card; 

• Shigenaga teaches sending the random number back to the terminal in 
unencrypted form, whereas in contrast Lee teaches sending the random numb©' to 
the host in encrypted form; and, 

• Shigenaga teaches that the terminal compares the received data to the stored 
random number, whereas in contrast Lee teaches that the data needs to be 
lonenctypted prior to comparison. 

Therefore, with such a large number of contrasting features of the respective systems, the 
applicant submits that a skilled person in the art would simply not be motivated to combine 
Shigenaga with Lee. 

Furthermore, Shigenaga suggests that it is essential that the authentication is performed by 
comparing the actual processing time with the estimation processing time. Lee fails to 
suggest any such feature. Therefore, it is submitted that a person skilled in the art would 
simply not be motivated to combine Shigenaga whidi relies on comparing processing times 
with Lee which simply compares random numbers. 

Additionally, a skilled person in the art would not be motivated to combine Shigenaga with 
Lee since both are directed to encrypting and decrypting random numbers at totally opposite 
ends of the system (ie. at the host or at the card). 

There is no suggestion or motivation in either Lee or Shigenaga that two opposing 
authentication techniques coxild be combined since there is a large number of contrasting 
features. Additionally, there is no suggestion or motivation in the knowledge generally 
available to one of ordinary skill in the art that a public key used for encrypting could also be 
used for decrypting data for authenticating an untrusted authentication chip. Furthermore, 
there is no suggestion or motivation in the knowledge generally available to one of ordinary 
skill in the art that a private key used for decrypting could also be used for encrypting data 
for authenticating an untrusted authentication chip. 

Therefore, there is no motivation to combine Shigenaga with Lee for authenticating an 
untrusted authentication chip. 

In any event, if Shigenaga was combined with Lee, obviousness can only be established by 
combining or modifying teadiings of the prior art to produce the claimed invention where 
th^e is some teaching, suggestion or motivation to do so found either in the references 
themselves or in the knowledge generally available to one of ordinary skill in the art. 

On pages 3 to 4 of the Office Action, the Examiner has stated: 

"Shigenaga does no disclose applying, in the trusted authentication chip, a key one 
way /unction to the second decrypted outcome using the second key to produce an 
encrypted outcome... Lee discloses the IC card performs both encrypt and decrypt 
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function using an internal key stored in the card and the terminal card performs both 
encrypt and decrypt Junction using an identifying key stored in memory (column 6, 
lines 37-67r 

However, on closer mspection of the section of Lee which the Examiner has highlighted, in 
fact Lee describes two separate routines that are performed se parately. 

In particular, lines 37 to 52 describes the "Authenticate Card Routine 300" which is used tor 
"allowfingj system 200 to determine whether a card inserted into one of the card units is 
authenHc" (Column 6, lines 37 to 40), The "Authenticate Card Routine 300" comprises the 
steps of: 

• a processor 122 generating a random number (column 6, lines 40 and 41); 

• processor 122 transmits generated random number to the card (column 6, line 
41); 

• card receives random number; (colxmm 6, lines 41 to 42); 

• card encrypts random number using algorithm and an "internal key" (column 6, 
lines 42 to 43); 

• card returns encrypted random number to processor 122 (column 6, line 44); 

• processor 122 decrypts the encrypted nimiber based upon same algorithm and an 
identifying key (column 6, lines 46 to 48); and 

• processor 122 compares the original random number to the decrypted random 
number to determine axithenticity of the card (column 6, lines 48 to 50). 

In contrast to the "Authenticate Card Routine 300", as described by Lee, and outlines above, 
claim 1 of the present application describes: 

• applying in the trusted authentication chip a keyed one way function to a random 
number by using a first key, thereby producing a first encrypted outcome , 

• applying in the untrusted authentication chip a keyed one way flmction to the 
random number vising a second kev. thereby producing a second encrypted 
outcome . 

• comparing the first encrypted outcome and the second encrypted outcome, 
without knowledge of the first or second key . 

Thus, as shown in the comparison above, Lee does not describe having a first and a second 
encrypted outcome produced by the trusted and untrusted authentication chips respectfiiUy, 
where the first and second encrvoted outcomes are compared in order to determine whether 
the imtusted authentication chip is valid. In Lee, the processor in the Authenticate Card 
Routine 300 compares the original random number to the decrypted random number in order 
to determine the authenticity of the card. 

Additionally, Lee does not describe the application of a first and a second key in the trusted 
and untrusted chips respectfiiUy to produce the first and second encrypted outcomes, Lee 
only encrypts the random number once, in the processor, the random number is then 
returned to the card, and is decrypted. Lee does not desaibe separately encrypting the 
random numb^s thereby producing two separate encrypted outcomes. 

Furthermore, the Applicant highlights to the examiner that claim 1 describes comparing the 
first and second encrypted outcomes without knowledge of the first and second keys. In the 
Authenticate Card Routine 300 of Lee, the processor first decrypts the encrypted random 
number received based upon an algorithm and an identifying key stored in the memory 126, 
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fccfoxTC coTELpcurins tKc; ori^Ekal i-an<3om nuxnlxtr to ttkes decrypted mrKdom nvunxber. Tli&us, tlxo 
proocs sor ha.s Icno^vtrlcds^ of at loELsrt ono leery, "wtilcxhi is Ln contrast to ttkc vo-lidxiti on protocol 
o'f" dalxn 1 . 

TTuju*, clai-m 1 of tines prcnent invention provides mjurxemous distinctions "h>ctt^^e«n. a 
comnt^inaKtion of!" Sliigena^a aA<l X-ee. 

Itx a totally sepajrette rovitine as slxo-wn. in. fistxro 3. descnbes cx^ csoluxnn 6, lines S3 to 63 

tiie ** Aixtli CO ti.oat e Host Routixio 3 lO** which is usod "to allcrw a ctxr-d tc» tJ^t&r-min^ wHatH-cr 
th^ j^r'occss irtg: system in -wPt,icM% r/zc cczwci is iris^v-tGel is a*^t^»^r»tic:'" . 1 "tn-is, descrilDes tlx3.t 

this routine is used "b^r the card to determine tJtir* n yathenticrit-v o f tf^ff host . 

TTiercs-fore ** .A u-the i it i cate Oarxl R.outine 300" is in total contrast to ".Authenticate UTost 
R-OUtino 3 1 "bocausc "Authenticate Card ftoutine 300" is used for authenticating the card 
'Whereas *'>Vuthcn.ticato I-iost Routine 3 lO** is U9ed for authenticating the host- T^o 'where in 
X_x<?o is it sug.scsted that these two routines could he csomhined to only authenticate the card. 

In any event, the routine for authonti oat in g the host, as descrihed t>y X^^ee, is in contrast to the 
present claim 1 Sot slxxxilar reasons as described al>o've "with respect to the card authenticati ort 
routixisK 300. 

nrhe host authentication routine 3 1 O does not descrihe having a first and a second encrypted 
outcome produced by the trusted arkd un trusted authentication chips respectfully, -where tho 
first and second encrypted outcomes are compared in order to determine -whether the 
untrusted authentication chip is valid . In Lee, the card in the A^uthenticate Oard 'R.outine 3 1 O 
compares the original random number to the decrypted random number in order to determ ino 
the authenticity of the processor. Furthermore, the rx^utirie 3 1 O in .1L,ee does not describe thci 
application of a first and a second leey in the trusted and untrusted chips respectfially to 
produce the first .and second encrypted outcomes. 

Thxxs, lines 3 7 to G7 of column & which the ^xaanxner has hijshlishted are irrelevant to the 
clalxns. A-Ccordixxsly, the combined teachings of lines 3 7 to 67 in column <S of I-ee and the 
disclosure of Shis^na^sa. fail to teach or sujseECSt the features of claim 1 as outlined aboye. 

IThe Applicant respectfully submits that in authentication systetiaSj, these are not triviul 
distinctions, and claixxi. 1 is patentable over a combijxation of Shisena^a and lUee. 

The TVLfiiT* states at 21-4-3 **^€*sic Ji.&4j%dir4sm&nts c»ftM F^r-irvta F'ad^ Ctxja^f ctf <^b-\H€>*djsi'»^ss" th«%t: 

"... tHr'^ms b^xsic c»^it^r~i£M wrtz^t t>^ m^t. J^'irst. th^r-e mx*st b& sorr%& :s x^^^es rion 

£*v£*tlc*i>l& to onty oy o r-<Jirx*::zrzy sfcJil In thai art, to modi^^ tH& rct/iar^Tt.c& or- to combine 
/-«S/fe^e«o^ tea crHi ns^s . Second, tHtsr^s mtdst t>G <t r-ecxj^onabl^ axj^^^ctatit^n o^f stMCCtL'Sts. 

4Pffi gfog//yg fimff<'ti^njr. 

ZT'/x^ ttsct-cMirifg or- st^gggr^sjrrion to m^x/c^ cH^ cl^xim&d combination and th& r-^ax onab 
eLKjct^ctcttion oy s%4.cdsss m-txst bot/z ber _fbr*nd In tHe pyrior art, not in cM^j>lic€*nt's 
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• applying i*i the trustcsd. authentication chip a Iceyod one way ftj.no t ion to a random 
numb-or by usins ^ first icev . thereby producing a first encrypted outooipnie . 

• applying in the untrusted authentication chip a keyed one w^ay function to the 
random number usinj^ a second Icey - thereby prro ducin a second encrypted 
OUtCQIXLC- 

comparing the first encrypted outcome and the second encrypted outcoi ne, 
wjitbo^n KTWowl<wlgg qf thg first 3«ggond kgy- 

TT-ie applicant submits that independent claims 1 and 6 are patentable over Shi^ena^a in 
view of ILee as required by MI»EI* at 2 1 -4-3 - 

The applicant respectfully requests that Examiner withdraw the rejection to all the claims. 

In view of the foregoing, it ia respectfully requested tha,t the Bxarniner reconsider and 
withdraw the rejections under 35 T-J.S.C §103<a>. The present application is "believed to l>t> in 
condition for allowance. According;! y, the Applicant respectfully requests a >rotice of 
Allow^ance of all the claims presently under examination. 

Very respectfully. 
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